Solved

Cisco VPN static-to-dynamic

Posted on 2013-01-17
7
412 Views
Last Modified: 2013-04-26
Hi,
On my PIX v.8 I have already site to site vpns configured, and I have too remote access vpn configured, what I need to configure now is another vpn with a remote site with dynamic ip.
The remote site has Cisco 877 Router, on it, I already configured the crypto stuff and access list, but I don't know how to configure this new vpn on the PIX adding it to the others already configured.
Any help will be appreciated.
0
Comment
Question by:arefone
7 Comments
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
Site to site normally requires static IP addressing. There are two approaches:

1. Use DynDNS to provide a static address even though your remote site changes.  

http://dyn.com/dns/

2. If the remote IP address changes infrequently (not more frequently that once a year) then just use the address and change when needed. I use this approach for my home office site to site tunnels.

.... Thinkpads_User
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 500 total points
Comment Utility
0
 
LVL 1

Author Comment

by:arefone
Comment Utility
I tried already that doc, it did not work, when I try to issue the command "tunnel-group DefaultL2LGroup general-attributes
   authentication-server-group none" on the pix, it tells that no "authentication-server-group none" option available.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 18

Expert Comment

by:fgasimzade
Comment Utility
Just dont use this option. The configuration described there is 100% working
0
 
LVL 1

Author Comment

by:arefone
Comment Utility
Sorry Fgasimzade, can you post me the configs I need to implement on my pix without having all the stuff I don't need so it helps better?
0
 
LVL 1

Expert Comment

by:Xvidalx
Comment Utility
yessss.. configs and logs... will help
0
 
LVL 1

Author Closing Comment

by:arefone
Comment Utility
with "tunnel-group DefaultL2LGroup ipsec-attributes" command on PIX it worked.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now